<?php

namespace App\Http\Controllers;

use App\Http\Controllers\Controller;

class APIController extends Controller {
	public function index() {
		echo '222';
	}

	public function weixin() {

		echo $_GET["echostr"];die;

		$echoStr = $_GET["echostr"];

		//valid signature , option
		if ($this->checkSignature()) {
			echo $echoStr;
			exit;
		}
	}
	private function responseMsg() {
		//get post data, May be due to the different environments
		$postStr = $GLOBALS["HTTP_RAW_POST_DATA"];

		//extract post data
		if (!empty($postStr)) {
			/* libxml_disable_entity_loader is to prevent XML eXternal Entity Injection,
	                  the best way is to check the validity of xml by yourself */
			libxml_disable_entity_loader(true);
			$postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA);
			$fromUsername = $postObj->FromUserName;
			$toUsername = $postObj->ToUserName;
			$keyword = trim($postObj->Content);
			$time = time();
			$textTpl = "<xml>
							<ToUserName><![CDATA[%s]]></ToUserName>
							<FromUserName><![CDATA[%s]]></FromUserName>
							<CreateTime>%s</CreateTime>
							<MsgType><![CDATA[%s]]></MsgType>
							<Content><![CDATA[%s]]></Content>
							<FuncFlag>0</FuncFlag>
							</xml>";
			if ($keyword == "图片") {
				$this->responseImg();die;
			}
			if (!empty($keyword)) {
				$msgType = "text";
				// $contentStr = $keyword;
				$contentStr = $this->getMsg($keyword);
				$resultStr = sprintf($textTpl, $fromUsername, $toUsername, $time, $msgType, $contentStr);
				echo $resultStr;
			} else {
				echo "Input something...";
			}

		} else {
			echo "";
			exit;
		}
	}

	// private function responseImg() {
	// 	//get post data, May be due to the different environments
	// 	$postStr = $GLOBALS["HTTP_RAW_POST_DATA"];

	// 	//extract post data
	// 	if (!empty($postStr)) {
	// 		/* libxml_disable_entity_loader is to prevent XML eXternal Entity Injection,
	//                   the best way is to check the validity of xml by yourself */
	// 		libxml_disable_entity_loader(true);
	// 		$postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA);
	// 		$fromUsername = $postObj->FromUserName;
	// 		$toUsername = $postObj->ToUserName;
	// 		$imgUrl = "./1.jpg";
	// 		$keyword = trim($postObj->Content);
	// 		$time = time();
	// 		$textTpl = "<xml>
	// 					 <ToUserName><![CDATA[%s]]></ToUserName>
	// 					 <FromUserName><![CDATA[%s]]></FromUserName>
	// 					 <CreateTime>%s</CreateTime>
	// 					 <MsgType><![CDATA[%s]]></MsgType>
	// 					 <PicUrl><![CDATA[%s]]></PicUrl>
	// 					 <MediaId><![CDATA[%s]]></MediaId>
	// 					 <MsgId>0</MsgId>
	// 					 </xml>";
	// 		if (!empty($keyword)) {
	// 			$msgType = "image";
	// 			// $contentStr = $keyword;
	// 			$contentStr = $this->getMsg($keyword, $this->getAppId($fromUsername));
	// 			$resultStr = sprintf($textTpl, $fromUsername, $toUsername, $time, $imgUrl, $msgType, $contentStr);
	// 			echo $resultStr;
	// 		} else {
	// 			echo "Input something...";
	// 		}
	// 	} else {
	// 		echo "";
	// 		exit;
	// 	}
	// }

	// private function getMsg($msg, $id) {
	// 	$url = 'http://api.qingyunke.com/api.php?key=free&appid=' . $id . '&msg=' . $msg;

	// 	$ch = curl_init();
	// 	curl_setopt($ch, CURLOPT_URL, $url);
	// 	curl_setopt($ch, CURLOPT_HEADER, 0);
	// 	curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 5.1; rv:12.0) Gecko/20120101 Firefox/17.0');
	// 	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
	// 	curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
	// 	$res = curl_exec($ch);
	// 	curl_close($ch);
	// 	$res = json_decode($res)->content;
	// 	if (preg_match('/{br}/', $res)) {
	// 		$res = preg_replace('/{br}/', '\n', $res);
	// 	}
	// 	return $res;
	// }

	private function checkSignature() {

		$signature = $_GET["signature"];
		$timestamp = $_GET["timestamp"];
		$nonce = $_GET["nonce"];

		$token = env('TOKEN');
		$tmpArr = array($token, $timestamp, $nonce);
		// use SORT_STRING rule
		sort($tmpArr, SORT_STRING);
		$tmpStr = implode($tmpArr);
		$tmpStr = sha1($tmpStr);

		if ($tmpStr == $signature) {
			return true;
		} else {
			return false;
		}
	}
}
